Email Security: The Order of Email Security judgement

12/20/2019 1042 11730

DESCRIPTION:

SonicWall Email Security Server processes your incoming email in the following sequence or order of judgement:

1. Connection management (this is connection based list, for example having IP in the allowed IP list would only allow connections from those IP they will still go through normal spam filtering process):
   1. Allowed IP list
   2. Blocked IP list
   3. Reputation IP list
   4. Deferred IP list
   5. Non grey IP list
   6. Greylisted IP list
2. DHA
3. Virus
   1. Capture ATP (additional licensed service)
4. Policy filter
5. Phishing
6. Corporate Allow list
7. Corporate Block list
8. Personal Allow list
9. Personal block list
10. Foreign Language
11. Collab
12. Bayesian Rules
13. RBL
14. DMARC
15. DKIM
16. SPF

Note 1: The more specific address book entries in the corporate address book will only override the per user address book when the entries are dealing with email address to email address or domain to domain entries. Otherwise the more specific address book entry will always override the more general address book entry regardless of its corporate / peruser address book location. 

Note 2: Some features (SPF and DKIM) have the option to ignore allowed list. When you say ‘ignore allow lists’ address book will not give a free pass, for that specific feature only. Unchecking the box for Ignore allow lists will give the sender a free pass for that option only.